emo/procps
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

top: Do not default to the cwd in configs_r... Tweaked

Browse Source 
While it's only documented (so far) in commit text and
an occasional email I've tried to maintain some coding
standards primarily for reference/navigation purposes.
They also served, I felt, as useful mental challenges.

Someday I will get around to formerly documenting them
but in the meantime here are the ones for this commit:

. functions are grouped into logical (i hope) sections
. functions & sections are ordered to avoid prototypes
. function names are alphabetical within every section
. all functions & sections must be referenced in top.h

This patch just attempts to honor the above standards,
while also covering this new behavior in the man page.

[ please note that the net result of these 2 patches ]
[ is simply to avoid pathname truncations should our ]
[ limit of 1024 be exceeded. they do not have a role ]
[ in solving the 'local privilege escalation' issue. ]

[ and we can never prevent a user from setting their ]
[ HOME var to a directory writable by some attacker! ]

[ the only real protection for that CVE-2018-1122 is ]
[ those soon to be enhanced rcfile integrity checks, ]
[ achieved through several of the following patches. ]

Reference(s):
. original qualys patch
0097-top-Do-not-default-to-the-cwd-in-configs_read.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
This commit is contained in:
Jim Warner
2018-06-02 00:00:00 -05:00
committed by Craig Small
parent e051535686
commit 4550e60144
3 changed files with 23 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
top/top.1
View File

@@ -67,7 +67,7 @@
.
.\" Document /////////////////////////////////////////////////////////////
.\" ----------------------------------------------------------------------
.TH TOP 1 "February 2018" "procps-ng" "User Commands"
.TH TOP 1 "May 2018" "procps-ng" "User Commands"
.\" ----------------------------------------------------------------------
.\" ----------------------------------------------------------------------
@@ -2181,8 +2181,8 @@ While not intended to be edited manually, here is the general layout:
" # discussed below
.fi
If the $HOME and $XDG_CONFIG_HOME variables are not present, \*(We will try
to write the personal \*(CF in the current directory, subject to permissions.
If a valid absolute path to the rcfile cannot be established, customizations
made to a running \*We will be impossible to preserve.
.\" ......................................................................
.SS 6b. ADDING INSPECT Entries